MDKSA-2001:056

Package name

tcpdump

Date

2001-06-13

Advisory ID

MDKSA-2001:056

Affected versions

8.0 i586 , SNF7.2 i586 , 7.2 i586 , 7.1 i586 , CS1.0 i586

Problem description

A number of remote buffer overflows were discovered in the tcpdump package that would allow a remote attack of the local tcpdump process. Intrusion detection using tcpdump would no longer be useful due to the attack stoping all network activity on the system. As well, this new version of tcpdump fixes the vulnerability with decoding AFS ACL packets which would allow a remote attacker to run arbitrary code on the local system with root privilege.

Updated packages

8.0 i586

 80b8a68f8e39611ae50d51fe687abe40  8.0/RPMS/tcpdump-3.6.2-1.1mdk.i586.rpm
645e03ddc0b4460408d520f60cf717be  8.0/SRPMS/tcpdump-3.6.2-1.1mdk.src.rpm

SNF7.2 i586

 a1439b909ba27750442eebbbee5e08df  snf7.2/RPMS/tcpdump-3.6.2-1.1mdk.i586.rpm
645e03ddc0b4460408d520f60cf717be  snf7.2/SRPMS/tcpdump-3.6.2-1.1mdk.src.rpm

7.2 i586

 a1439b909ba27750442eebbbee5e08df  7.2/RPMS/tcpdump-3.6.2-1.1mdk.i586.rpm
645e03ddc0b4460408d520f60cf717be  7.2/SRPMS/tcpdump-3.6.2-1.1mdk.src.rpm

7.1 i586

 c8fe383f342db8606260542467d3e07f  7.1/RPMS/tcpdump-3.6.2-1.2mdk.i586.rpm
6674b50123f67f5726dace651ee56e40  7.1/SRPMS/tcpdump-3.6.2-1.2mdk.src.rpm

CS1.0 i586

 c8fe383f342db8606260542467d3e07f  1.0.1/RPMS/tcpdump-3.6.2-1.2mdk.i586.rpm
6674b50123f67f5726dace651ee56e40  1.0.1/SRPMS/tcpdump-3.6.2-1.2mdk.src.rpm

References

• http://www.ciac.org/ciac/bulletins/l-015.shtml